RSS   Vulnerabilities for 'Openh323'   RSS

2007-10-08
 
CVE-2007-4924

CWE-20
 

 
The Open Phone Abstraction Library (opal), as used by (1) Ekiga before 2.0.10 and (2) OpenH323 before 2.2.4, allows remote attackers to cause a denial of service (crash) via an invalid Content-Length header field in Session Initiation Protocol (SIP) packets, which causes a \0 byte to be written to an "attacker-controlled address."

 

 >>> Vendor: Openh323 project 2 Products
Pwlib
Openh323


Copyright 2024, cxsecurity.com

 

Back to Top